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DETAILED ACTION 

1. Claims 1-14 have been examined. 

> 

Claim Objections 

1 . Claim 3 is objected to because of the following informalities: lack of clarification. 
The limitation, "responding to the key confirmation message with a downloading 
message to allow the slave cryptographic unit retrieving requested information" does not 
specify a function of the "slave cryptographic unit" after it conducts "retrieving requested 
information". The Examiner will broadly interpret the claim as "to allow the slave 
cryptographic unit to retrieve requested information". Appropriate correction is required. 

2. Claim 7 is objected to because of the following informalities: missing word. In 
line 3, "to validate an initial held by the slave cryptographic unit", does not specify as to 
what is being validated. For the purposes of examination, the Examiner will broadly 
interpret the limitation to be pertaining to "an initial key". Appropriate correction is 
required. 

Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

3. Claims 7 and 9 rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

4. Claim 7 recites the limitation "the rest message" in line 2. There is insufficient 
antecedent basis for this limitation in the claim. 
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5. Claim 9 recites the limitation "the resent message" in line 3. There is insufficient 
antecedent basis for this limitation in the claim. 

6. For purposes of examination, the Examiner will interpret "the rest message" and 
"the resent message" as the "reset message" as found in claim 1. Appropriate 
correction is required. 

Claim Rejections - 35 USC § 102 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1-14 are rejected under 35 U.S.C. 102(b) as being anticipated by United 
States Patent No. 6,233,565 to Lewis et al., hereinafter Lewis. 

7. Regarding claim 1 , Lewis teaches a method of secure data exchange between a 
master cryptographic unit and a slave cryptographic unit, comprising the steps of: 
sending either a reset message or a key validation message to request the master 
cryptographic unit to validate a key held by the slave cryptographic unit (column 15, 
lines 47-64, "entries are checked against the customer record in the Master Database 
305", column 19, lines 60-67, column 20, lines 1-15 and 57-67, column 21, lines 64-67, 
column 22, lines 1-9, 16-25 and 42-67, column 23, lines 1-22 and 35-48, "session keys 
exchanged", column 24, lines 16-37 and 54-67, column 25, lines 1-28 and 53-67, 
column 26, lines 1-12, column 28, lines 14-28 and 50-67, column 29, lines 1-35 and 49- 
67, column 30, lines 1-9, 14-29, column 31, lines 5-15 and column 32, lines 34-39); 
forwarding a key exchange message, which includes a new key encrypted through the 
key held by the slave cryptographic unit, from the master cryptographic unit to the slave 
cryptographic unit (column 15, lines 47-64, "the customer 2n will receive a public key 
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and a private key pair file in encrypted form from the web server 150", column 19, lines 
60-67, column 20, lines 1-15 and 57-67, column 21, lines 64-67, column 22, lines 1-9, 
16-25 and 42-67, column 23, lines 1-22 and 35-48, "session keys exchanged", column 
24, lines 16-37 and 54-67, column 25, lines 1-28 and 53-67, column 26, lines 1-12, 
column 28, lines 14-28 and 50-67, column 29, lines 1-35 and 49-67, column 30, lines 1- 
9, 14-29, column 31, lines 5-15 and column 32, lines 34-39). 

8. Regarding claim 2, Lewis teaches a step of sending a key confirmation message 
to notify the master cryptographic unit that the new key is correctly received by the slave 
cryptographic unit (column 25, lines 1-28 and 61-67, column 26, lines 1-12, column 28, 
lines 20-28 and 50-67, column 29, lines 1-40, "recipient uses the hash to ensure 
message integrity" and lines 49-67, "mailed to the client", column 30, lines 1-29 and 
column 32, lines 34-39). 

9. Regarding claim 3, Lewis teaches responding to the key confirmation message 
with a downloading message to allow the slave cryptographic unit retrieving requested 

< 

information (column 11 , lines 46-57, "customer then downloads the client software 
program for operating the system", column 15, lines 47-67, "If the customer number and 
password are valid, the download will proceed", column 16, lines 1-4 and column 22, 
lines 50-57); 

sending a finish message to the master cryptographic unit after the requested 
information is completely downloaded (column 16, lines 18-43, column 17, lines 4-15, "A 
'result' code is passed back to the purchase server 190 to indicate whether the credit 
card has been approved or not" and column 29, lines 20-26, "the protocol is complete"). 
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10. Regarding claim 4, Lewis teaches wherein the reset message requests the 
master cryptographic unit to validate an initial key held by the slave cryptographic unit 
(column 4, lines 18-35, column 6, lines 1-15, column 15, lines 47-64, column 18, lines 2- 
8, "confirming the success or failure of the transaction", column 19, lines 60-67, column 
20, lines 61-67, column 22, lines 42-67, "Key File will contain the necessary information 
to uniquely identify and authenticate a client 2n to the server 4", column 24, lines 16-33, 
column 28, lines 50-61, column 29, lines 20-35 and column 32, lines 34-39). 

1 1 . Regarding claim 5, Lewis teaches wherein the initial key is either p re-configured 
by factories and permanently stored in the slave cryptographic unit or obtained from the 
master cryptographic unit through a manual login (column 11, lines 46-66, column 15, 
lines 47-64, "the customer 2n will receive a public key and a private key pair file in 
encrypted form from the web server 150", column 22, lines 2-9 and 42-67, column 23, 
lines 1-8, column 24, lines 16-33, column 28, lines 21-28 and 50-67, column 29, lines 1- 
1 1 and 49-62, "server 4 initially produces the client authentication keys" and column 30, 
lines 13-29). 

12. Regarding claim 6, Lewis teaches a step of notifying the slave cryptographic unit 
that the key is invalid after the key validation message is sent (column 20, lines 61-67, 
"Invalid information will be identified once valid information is provided", column 29, 
lines 62-67 and column 30, lines 1-11, "After a client 2n authenticates with the server 4, 
the server 4 will notify the client if the keys have expired"). 

13. Regarding claim 7, Lewis teaches a step of sending the rest message to request 
the master cryptographic unit to validate an initial held by the slave cryptographic unit 
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(column 4, lines 18-35, column 6, lines 1-15, column 15, lines 47-64, column 18, lines 2- 
8, "confirming the success or failure of the transaction", column 19, lines 60-67, column 
20, lines 61-67, column 22, lines 42-67, "Key File will contain the necessary information 
to uniquely identify and authenticate a client 2n to the server 4", column 24, lines 16-33, 
column 28, lines 50-61, column 29, lines 20-35 and column 32, lines 34-39). 
14. Regarding claim 8, Lewis teaches sending another key validation message to 
request the master cryptographic unit to validate the new key held by the slave 
cryptographic unit (column 4, lines 18-35, column 6, lines 1-15, column 15, lines 47-64, 
column 18, lines 2-8, "confirming the success or failure of the transaction", column 19, 
lines 60-67, column 20, lines 61-67, column 22, lines 42-67, "Key File will contain the 
necessary information to uniquely identify and authenticate a client 2n to the server 4", 
column 23, lines 10-22, "re-generate a new pair of public and private keys 532", column 
24, lines 16-33, column 28, lines 50-61, column 29, lines 20-35 and column 32, lines 34- 
39); 

forwarding another key exchange message, which includes a renewed key encrypted 

» 

through the new key held by the slave cryptographic unit (column 4, lines 18-35, column 
6, lines 1-15, column 15, lines 47-64, column 18, lines 2-8, "confirming the success or 
failure of the transaction", column 19, lines 60-67, column 20, lines 61-67, column 22, 
lines 42-67, "Key File will contain the necessary information to uniquely identify and 
authenticate a client 2n to the server 4", column 23, lines 10-22, "re-generate a new pair 
of public and private keys 532" and lines 36-48, column 24, lines 16-33, column 28, 
lines 50-61, column 29, lines 20-35 and column 32, lines 34-39). 
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15. Regarding claim 9, Lewis teaches a step of notifying the slave cryptographic unit 
that the key is invalid after the resent message is sent (column 20, lines 61-67, "Invalid 
information will be identified once valid information is provided", column 29, lines 62-67 
and column 30, lines 1-11, "After a client 2n authenticates with the server 4, the server 4 
will notify the client if the keys have expired"). 

16. Regarding claim 10, Lewis teaches wherein the master cryptographic unit is a 
key distribution server (column 15, lines 47-64, "the customer 2n will receive a public 
key and a private key pair file in encrypted form from the web server 150", column 19, 
lines 60-67, column 20, lines 1-15 and 57-67, column 21, lines 64-67, column 22, lines 
1-9, 16-25 and 42-67, column 23, lines 1-22 and 35-48, "session keys exchanged", 
column 24, lines 16-37 and 54-67, column 25, lines 1-28 and 53-67, column 26, lines 1- 
12, column 28, lines 14-28 and 50-67, column 29, lines 1-35 and 49-67, column 30, 
lines 1-9, 14-29, column 31, lines 5-15 and column 32, lines 34-39). 

17. Regarding claim 11, Lewis teaches wherein the key distribution server is included 
in an automatic provisioning system (column 15, lines 47-64, "If the customer number 
and password are valid, the download will proceed", column 23, lines 35-48, column 24, 
lines 16-33 and column 35, lines 51-62). 

18. Regarding claim 12, Lewis wherein the slave cryptographic unit is a client 
(column 15, lines 47-64, "the customer 2n will receive a public key and a private key 
pair file in encrypted form from the web server 150", column 19, lines 60-67, column 20, 
lines 1-15 and 57-67, column 21, lines 64-67, column 22, lines 1-9, 16-25 and 42-67, 
"Key File will contain the necessary information to uniquely identify and authenticate a 
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client 2n to the server 4", column 23, lines 1-22 and 35-48, "session keys exchanged", 
column 24, lines 16-37 and 54-67, column 25, lines 1-28 and 53-67, column 26, lines 1- 
12, column 28, lines 14-28 and 50-67, column 29, lines 1-35 and 49-67, column 30, 
lines 1-9, 14-29, column 31, lines 5-15 and column 32, lines 34-39). 
19. Regarding claim 13, Lewis teaches wherein the reset message includes an initial 
key, a physical address of the slave cryptographic unit, timestamp data and hash data 
(column 5, lines 11-26 and 54-58, column 6, lines 1-15, column 15, lines 47-64, column 

19, lines 52-67, column 21, lines 39-67, "proof of valid physical address will be initially 
established", column 22, lines 42-67, "Key File will contain the necessary information to 
uniquely identify and authenticate a client 2n to the server 4", column 23, lines 1-22, 
column 25, lines 1-15, "date/time stamp", column 27, lines 25-39, "a new user 2n would 
contact the server 4 with information that uniquely identifies him/herself, column 29, 
lines 1-1 1 and 49-67 and column 30, lines 1-11). 

20. Regarding claim 14, Lewis teaches wherein the key validation message includes 
the key, a physical address of the slave cryptographic unit, timestamp data and hash 
data (column 5, lines 11-26 and 54-58, column 6, lines 1-15, column 15, lines 47-64, 
column 19, lines 52-67, column 21, lines 39-67, "proof of valid physical address will be 
initially established", column 22, lines 42-67, "Key File will contain the necessary 
information to uniquely identify and authenticate a client 2n to the server 4", column 23, 
lines 1-22, column 25, lines 1-15, "date/time stamp", column 27, lines 25-39, "a new 
user 2n would contact the server 4 with information that uniquely identifies him/herself, 
column 29, lines 1-11 and 49-67 and column 30, lines 1-11). 
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21 . With regards to claims 1 3 and 14, it is known in the art that within a client/server 
environment, the location or "address" of each respective device will exist and be known 
between said client and server. 

Conclusion 

22. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. The following United States Patents are cited to further show the 
state of the art with respect to secure exchange of data within a network environment, 
such as: 

United States Patent No. 6,757,710 to Reed which is cited to show an automated 
communications system that operates to transfer data, metadata and methods from a 
provider computer to a consumer computer through a communications network. 

United States Patent No. 6,704,873 to Underwood which is cited to show a 
secure gateway interconnection in an e-commerce based environment. 

23. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jeremiah Avery whose telephone number is (571) 272- 
8627. The examiner can normally be reached on Monday thru Friday 8:30am-5pm. 

24. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for 

» 

the organization where this application or proceeding is assigned is 571-273-8300. 
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25. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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